Monthly Vulnerability Review – June 2020

Flexera
Flexera
5 0 447

Summary

501 advisories for 82 unique vendors in 354 products and 453 unique versions, while issued 111 rejected advisories. An 11% increase in the total number of advisories from the previous month.

Details of Secunia advisories are explained in this article.

Browsers

Three advisories were issued for Google Chrome. All were highly critical and had threat scores attached to them and exploits were linked to cyber attacks and historically linked to Penetration tools.

Two advisories for Mozilla Firefox and one for Internet explorer.

Call to Action

Keep your browsers updated due to exposure.

1.png

 Secunia Advisory criticalities are further explained at this link

2.png

 

3.png

CVSS v3 is the industry standard to define the severity of the vulnerabilities, its exploitability, impact metrics, and environmental metrics.

 

4.png

 

5.png

The criteria for Threat Score calculation are outlined at this link.

6.png

Ransomware, Malware, and Exploit Kits:

When browsing a malicious page, a race condition in the SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.                                     

 

  • Historically Linked to Ransomware:          9 (1.80%)
  • Historically Linked to Malware:                 78  (15.57%)
  • Linked to a Recent Cyber Exploit:              43 (8.58%)
  • Related to a Historical Cyber Exploits:      240 (47.90%)
  • Included in Penetration Testing Tools:     216  (43.%)

Conclusion

The number of advisories increased in the month but similarly, 111 advisories were rejected which is 18% of total advisories. Secunia Research adds value by helping customers focus on high priority vulnerabilities and assets.